2 matches found
CVE-2023-32991
A cross-site request forgery CSRF vulnerability in Jenkins SAML Single Sign OnSSO Plugin 2.0.2 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML, or parse a local file on the Jenkins controller as XML...
CVE-2023-32991
CVE-2023-32991 affects Jenkins SAML Single Sign On (SSO) Plugin v2.0.2 and earlier. The issue is a CSRF vulnerability where attackers can cause the plugin to send HTTP requests to attacker-specified URLs or parse local Jenkins controller XML. Root causes include missing permission checks on multi...